This reverts commit dee41e92f0.
This patch breaks cases where some config files make changes to earlier ones,
ordering is important. The reproducibility issue in busybox was elsewhere.
(From OE-Core rev: 37d71a7a290a24ee9f57a76725e27769588de0ca)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ab0a296607b58775e91948ba40956c666dbb1244)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If the selected version if not available, bitbake will happily attempt
to build something else. This should be a loud warning not a small note.
(Bitbake rev: 078f3164dcb1de7a141bec3a8fd52631d0362631)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 78cd63285713fde59506eb2e71a7b7ee59a594ff)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
runtest return an error due to missing expect on the target.
Add expect as runtime dependency.
(From OE-Core rev: 381a5f3e409504b2a31710d971eef58346339ae4)
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d9a3a08edc1efcbe7b02e80be98370792d3c6cc2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Integrating the following commit(s) to linux-yocto/5.4:
qemuppc32: reduce serial issues seen on shutdown
Richard reported:
We've been seeing a lot of the qemuppc shutdown issue and I decided to
look into it. The really worrying thing looking at the logs locally is the
serial ports are showing irq issues and becoming disabled as nobody would
handle them.
Errors like:
[ 9.194886] irq 36: nobody cared (try booting with the "irqpoll" option)
[ 9.198712] CPU: 0 PID: 127 Comm: bootlogd Not tainted
[ 9.202283] Call Trace:
[ 9.205611] [d1005f00] [c00a0da8] __report_bad_irq+0x50/0x138 (unreliable)
[ 9.209347] [d1005f30] [c00a0cc0] note_interrupt+0x324/0x378
[ 9.212855] [d1005f70] [c009d138] handle_irq_event+0xe8/0x104
[ 9.216353] [d1005fa0] [c00a1d9c] handle_fasteoi_irq+0xc0/0x29c
[ 9.219960] [d1005fc0] [c009b798] generic_handle_irq+0x40/0x5c
[ 9.223496] [d1005fd0] [c00075d0] __do_irq+0x58/0x188
[ 9.226948] [d1005ff0] [c0010040] call_do_irq+0x20/0x38
[ 9.230391] [d29eda60] [c0007788] do_IRQ+0x88/0xfc
[ 9.233860] [d29eda90] [c0016454] ret_from_except+0x0/0x14
[ 9.237288] --- interrupt: 501 at __setup_irq+0x3c4/0x838
[ 9.237288] LR = __setup_irq+0x790/0x838
[ 9.244155] [d29edb88] [c009f0a4] request_threaded_irq+0x114/0x1c8
[ 9.247672] [d29edbb8] [c07a5a18] pmz_startup+0x17c/0x32c
[ 9.251203] [d29edbd8] [c07a1140] uart_port_startup+0x184/0x2f8
[ 9.254651] [d29edc08] [c07a1974] uart_port_activate+0x78/0xf4
[ 9.258141] [d29edc28] [c07839f8] tty_port_open+0xd4/0x170
[ 9.261579] [d29edc58] [c079db74] uart_open+0x2c/0x48
[ 9.265116] [d29edc68] [c077a288] tty_open+0x168/0x640
[ 9.268574] [d29edcd8] [c0280be8] chrdev_open+0x138/0x2a4
[ 9.272123] [d29edd18] [c027421c] do_dentry_open+0x228/0x410
[ 9.275643] [d29edd48] [c028e9f4] path_openat+0xb04/0xf28
[ 9.279184] [d29eddd8] [c02917e4] do_filp_open+0x120/0x164
[ 9.282535] [d29ede98] [c0276238] do_sys_openat2+0xd8/0x19c
[ 9.285790] [d29edee8] [c0276574] sys_openat+0x88/0xdc
[ 9.289096] [d29edf38] [c00160d8] ret_from_syscall+0x0/0x34
[ 9.292620] --- interrupt: c01 at 0xfec3738
[ 9.292620] LR = 0xfec36e0
[ 9.299035] handlers:
[ 9.302312] [<7f7f7da8>] pmz_interrupt
[ 9.305541] Disabling IRQ #36
(and the irqpoll option does not help)
This is problematic as the shutdown test uses the serial interface to
shut down the system. If the serial interface fails to login or run the command,
game over for the test.
CONFIG_SERIAL_PMACZILOG_CONSOLE complicates that handling, but doesn't provide
any output or capabilities that we need. So we disable it here, and
reduce the chances of issues during shutdown.
(From OE-Core rev: 9ee0f43414a121487fc3310f4d5635b09aa3e117)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 42355cb73049ee7a4af0f539a2a5b7d4ee1abc65)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This currently catches the .clb_blob and .vamrs,rock960.txt, and other
.txt files may come in future upstream releases.
(From OE-Core rev: 501cd3063af388dabd3329d2e69ac218ffd62a9e)
Signed-off-by: Yann Dirson <yann@blade-group.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e332738a8aae0914c58b40faae8b9d7a82fd6a95)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Update CVE_PRODUCT to also include 'berkeley_db'. For example,
CVE-2020-2981 uses 'berkeley_db'.
(From OE-Core rev: 753e6510df01fb4d71f46639bef06e1361f87170)
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ad799b109716ccd2f44dcf7a6a4cfcbd622ea661)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When running a shutdown command, the serial port can close without the
command returning. This is seen as the socket being readable but having
no data. Change the way this case is handled in the code to avoid
tracebacks.
(From OE-Core rev: 9c0b242856de519c58be179f82441a35fc635ad9)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 396a3ba884820d040c91f7592daf20ac28c49b5d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The recent logging changes for qemurunner showed up as errors on the
autobuilder where decode couldn't be called on the returned string.
Since the code returns binary data, return b'' instead of '' to match
to avoid tracebacks.
One of these cases was newly added, copied from the other which has
been there for a long time, always broken.
(From OE-Core rev: 8f24a7b35861b6aec39bc8d589e090ea9816732c)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b8995b27db265b0a0b2d2ca595915f70f9f96e07)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Rather than totally disabling the logging, inform it we're about to exit
so we can log messages over the exit cleanly too. This aids debugging. It
also avoids a race where the logging handler could still error whilst
shutting down.
Also remove a race window by notificing the handler of the shutdown
first, before triggering it. This removes a race window I watched in
local testing.
(From OE-Core rev: 57249316b6c66c5e17804e1b04f2d5cf0db92683)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0e19f31a1005f94105e1cef252abfffcef2aafad)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Issue only affects Debian and SUSE.
(From OE-Core rev: 760cc905fda18ee73ff3698a117f8841d3823b65)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 72522fa1a5f3b9b2855043fe6b421886d641385f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Issue only affects windows.
(From OE-Core rev: 9b214d503f3237fa7cd96c20686e610b09994823)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit a90d3b056992346003d96765fc8639f5235cca55)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Some fix upstream addresses the issue, it isn't clear which change this was. Our
current version doesn't have issues with the test image though so we can exclude.
(From OE-Core rev: 256f6be93eed82c7db8a76b1038e105331c0009f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3874da694ae1d9de06dd003bd80705205e2b033b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
These CVEs are fixed with kernel changes and don't affect the bluez recipe.
(From OE-Core rev: d7779a9d58b088ce078956af4fdc0325d8c03c35)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 658902477840ea34d414083c4c79616bf5e999a2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The CVE is in the jpeg sources included with ghostscript. We use our own
external jpeg library so this doesn't affect us.
(From OE-Core rev: 829296767ecfbd443d738367b7146a91506e25f2)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8556d6a6722f21af5e6f97589bec3cbd31da206c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Issue applies to use of cpio in SUSE/OBS, doesn't apply to us.
(From OE-Core rev: 0f759992b7713e9664a4276a068a65f5e638fe33)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 915b38c54a7932744a9f56713d1c6bd00a789331)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The patch mentioned as the fix for the CVE is applied to the 6.0 source
code. Zip versioning makes CPE entry changes hard.
(From OE-Core rev: 4ff9d2c57d9cade1faa3916f171e5ad96ee32487)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8917e5ae2bb44d017fc0155f16632c5decadb0bd)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CVE only applies to some distributed RHEL binaries so irrelavent to us.
(From OE-Core rev: 44d477b1cadc3e48c0a902123736fdf3bf2b412c)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 5d8b3ddf91050f6745a99a8abb1c3b03c35247af)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We don't build/use the OPIE PAM module, exclude the CVE from this recipe.
(From OE-Core rev: d55474025a4518c674d9781c4c3b1ce5d6389466)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3670be602f2ace24dc49e196407efec577164050)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
These CVEs apply to the way logrotate was installed on Gentoo, Debian
and SUSE, exclude from cve-check as they don't apply to OE.
(From OE-Core rev: 99cb9534902717e637f1460c1d1c10d290bbebf2)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 23643016f3b8794db772e333ff0b8f598571b628)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The CVE is non-specific and depends on the users of jquery, doesn't
make sense to have this flagged against jquery as there is nothing we can
do about it.
(From OE-Core rev: d18ba3735ff3438ebd60b680e6bae5227c85bccb)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1f82843584f6d2843c5bbd2fe5dcbc654a0fbcfb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The issues were investigated and found not to be an issue therefore
exclude from checks.
(From OE-Core rev: 05f39301ab19a968916163b2d8f65beda7c09852)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit ee6ee9bd489c126b99d15c1011560df2f840a6e9)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The CVE applies to the built-in VNC server but we don't enable this by default.
(From OE-Core rev: f0e0787265d9d8bd01629f2b56a0eb57d950c037)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d62b9974a5f3a0f462434ce2763c28a4b4bbcfc6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The CVE applies to virglrender before 0.6.0 which we don't have.
(From OE-Core rev: 559ed3e62e542b7a4456a9a4eef8742ce8521dfb)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 9b5355375d028577de0b98e05992de6a088cb972)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
These CVEs are disputed by upstream and there is no plan to fix/address them. No
other distros are carrying patches for them. There is a patch for 1010025
however it isn't merged upstream and probably carries more risk of other bugs
than not having it.
(From OE-Core rev: 2afbfc1eb6bc7613da4a7f06ac267ea561b5470e)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit b238db678083cc15313b98d2e33f83cccab03fc6)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
We no longer have a recipe for 5.0% in dunfell (and never did).
(From meta-yocto rev: d8bdb69e6bd7b52cf047cd6be406bf632a600a58)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Both don't seem to be reproducible with fedora 33
(From OE-Core rev: 55dc503f4ab33e2aa51a3a6e4003131e0b9355ff)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
If the scripts/postinst-intercepts is owned by root/root then the copyfile() calls
will fail due to chown issues. We don't care about ownership of these files so
use shutil.copy() instead which won't perform any chown.
(From OE-Core rev: e9c8f43296552b43376d87fb291458731fb7f718)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Adjusting the tolerance to a more reasonable time
given the load on the AB and given the high amount(100) of
events some of the tests like `common_timeout` generates.
[YOCTO #14163]
(From OE-Core rev: 3c59989b7a09f412704f90480c3726a0cb7df746)
Signed-off-by: Yi Fan Yu <yifan.yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 38b36d2b90d570149e63816e68f457aea28a5092)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This expands the error message when a network failure is detected.
It happens that some ISPs or networks block the default example.com
domain. Therefore, instead of disabling network access, it
lets the user know how to modify the test URL.
(From OE-Core rev: 690e368ae06a461fb21b4eee1b78fb637279bbfe)
Signed-off-by: Michael Opdenacker <michael.opdenacker@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 62c94bb925543c1e1c5af3c751913d9f06d9597d)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Instead of having find directly invoke touch for each file in the root
file system, pass a list to xargs for batching. This significantly
reduces the number of times the touch program is invoked and speeds up
the do_image task time:
PKG TASK ABSDIFF RELDIFF CPUTIME1 -> CPUTIME2
my-image do_image -45.3s -94.2% 48.1s -> 2.8s
Cumulative cputime:
-44.3s -92.3% 00:48.1 (48.1s) -> 00:03.7 (3.7s)
(From OE-Core rev: 2538a566f01f79537f8a94d93ac02588d6c239ec)
Signed-off-by: Joshua Watt <JPEWhacker@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 15c65f90a3aa1e98c2beab2539403157df1fca08)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
LD_LIBRARY_PATH leaks into host executables too, and breaks them
as they are not uninative-enabled. E.g. on ubuntu 18.04 trying
to run host bash with a sysroot that was built on Fedora 33:
akanavin@ubuntu1804-ty-3:/home/pokybuild/yocto-worker/oe-selftest-ubuntu/build/build-st-24341/tmp/work/x86_64-linux/gnupg-native/2.3.1-r0/recipe-sysroot-native$ LD_LIBRARY_PATH=./usr/lib /bin/bash
/bin/bash: ./usr/lib/libtinfo.so.5: no version information available (required by /bin/bash)
/bin/bash: /lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.33' not found (required by ./usr/lib/libtinfo.so.5)
This was seen e.g. here:
https://autobuilder.yoctoproject.org/typhoon/#/builders/87/builds/2090/steps/14/logs/stdio
(From OE-Core rev: a150f6fba94518509ee80869ffbfb973c1283e3b)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0e9850486b74a3de934527ca1077df001d3a8d22)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Reversal of global setting in previous commit necessitates
a local fix, otherwise, this happens:
File "/home/pokybuild/yocto-worker/reproducible-debian/build/build-st-52142/tmp/work/x86_64-linux/diffoscope-native/172-r0/recipe-sysroot-native/usr/lib/python3.9/ctypes/__init__.py", line 392, in __getitem__
func = self._FuncPtr((name_or_ordinal, self))
AttributeError: nativepython3: undefined symbol: archive_errno
(From OE-Core rev: 0f4531275c1e332de81b31b89e52f588fc34b14a)
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 87884d9938829d5ae5d250f483c749e00cd83322)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
With kernel v5.8+ and gcc10 plugins, we can run into the following build error:
HOSTCXX -fPIC scripts/gcc-plugins/arm_ssp_per_task_plugin.o
In file included from
/home/pokybuild/yocto-worker/qemuarm/build/build/tmp/work/qemuarm-poky-linux-gnueabi/make-mod-scripts/1.0-r0/recipe-sysroot-native/usr/bin/arm-poky-linux-gnueabi/../../lib/arm-poky-linux-gnueabi/gcc/arm-poky-linux-gnueabi/10.1.0/plugin/include/gcc-plugin.h:28,
from
/home/pokybuild/yocto-worker/qemuarm/build/build/tmp/work-shared/qemuarm/kernel-source/scripts/gcc-plugins/gcc-common.h:7,
from
/home/pokybuild/yocto-worker/qemuarm/build/build/tmp/work-shared/qemuarm/kernel-source/scripts/gcc-plugins/arm_ssp_per_task_plugin.c:3:
/home/pokybuild/yocto-worker/qemuarm/build/build/tmp/work/qemuarm-poky-linux-gnueabi/make-mod-scripts/1.0-r0/recipe-sysroot-native/usr/bin/arm-poky-linux-gnueabi/../../lib/arm-poky-linux-gnueabi/gcc/arm-poky-linux-gnueabi/10.1.0/plugin/include/system.h:687:10:
fatal error: gmp.h: No such file or directory
687 | #include <gmp.h>
| ^~~~~~~
(From OE-Core rev: 51a09f99127a90716b22a48a221838e6af1a617f)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit cb055446e0fe4771c8bd6122e79d43ef8db2e45b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
When doing the perf python3 conversion, the audit-python RDEPENDS
was caught up in the regex replacement and was incorrectly changed.
The audit recipe continues to produce a package called audit-python
and it is that package we should have as a RDEPENDS.
(From OE-Core rev: 489541edb82b0d3de68f60b38e7465b2f5511ec0)
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 7eccb9c0c2ea00685451c44cb8faa96c4a2272fd)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
